🟢Learning Objective 1

Task

In the Attack Lab: Find the App Services URL used by Pharma Corp using MicroBurst

Applies to: Attack Lab

Topic Covered: Discovery

Lets start hacking Azure, at the moment we have nothing we just know the client name on these case pharmacorp.

What we can do?

Enumerate sub domain used by the client on the Azure infrastructure using MicroBurst tool. If we already know some sub domain information we can add it to the permutaions.txt file.

. C:\AzAppSec\Tools\MicroBurst\Misc\permutations.txt

. C:\AzAppSec\Tools\MicroBurst\Misc\Invoke-EnumerateAzureSubDomains.ps1

Client name : pharmacorp

Invoke-EnumerateAzureSubDomains -Base pharmacorp -Verbose

After the script finish enumerating we have some sub domains from the client inside the Azure.

Lessons Learn

Start enumerating a client without information, after we got some subdomain we can investigate each App to find some vulnerabilities.